@hailer/mcp 0.1.2 → 0.1.4

package/dist/client/mcp-assistant.js

@@ -0,0 +1,58 @@
+"use strict";
+/**
+ * MCP Assistant (Lightweight)
+ *
+ * Pure pass-through chatbot. System prompt is loaded on AI PC side.
+ * Just forwards user messages, no local processing.
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.McpAssistant = void 0;
+const openai_1 = __importDefault(require("openai"));
+const logger_1 = require("../lib/logger");
+const logger = (0, logger_1.createLogger)({ component: 'McpAssistant' });
+class McpAssistant {
+    client;
+    constructor(config) {
+        this.client = new openai_1.default({
+            apiKey: config.apiKey,
+            baseURL: config.baseURL,
+        });
+    }
+    /**
+     * Chat - pure pass-through to local LLM
+     */
+    async chat(userMessage, conversationHistory = []) {
+        const model = process.env.OPENAI_MODEL || 'gpt-4o';
+        try {
+            const messages = [
+                ...conversationHistory.slice(-4).map(msg => ({
+                    role: msg.role,
+                    content: msg.content,
+                })),
+                { role: 'user', content: userMessage },
+            ];
+            logger.debug('Chat', { model, msgCount: messages.length });
+            const response = await this.client.chat.completions.create({
+                model,
+                messages,
+                max_tokens: 500,
+                temperature: 0.7,
+            });
+            const reply = response.choices[0]?.message?.content || 'Could not respond.';
+            logger.info('Response', {
+                in: response.usage?.prompt_tokens,
+                out: response.usage?.completion_tokens,
+            });
+            return reply;
+        }
+        catch (error) {
+            logger.error('Chat failed', error);
+            throw error;
+        }
+    }
+}
+exports.McpAssistant = McpAssistant;
+//# sourceMappingURL=mcp-assistant.js.map

package/dist/client/mcp-client.js

@@ -8,6 +8,7 @@ exports.McpClient = void 0;
 const message_processor_1 = require("./message-processor");
 const openai_provider_1 = require("./providers/openai-provider");
 const anthropic_provider_1 = require("./providers/anthropic-provider");
+const assistant_provider_1 = require("./providers/assistant-provider");
 const multi_bot_manager_1 = require("./multi-bot-manager");
 const agent_tracker_1 = require("./agent-tracker");
 const token_tracker_1 = require("./token-tracker");
@@ -102,6 +103,9 @@ class McpClient {
                     case "anthropic":
                         provider = new anthropic_provider_1.AnthropicProvider(providerConfig);
                         break;
+                    case "assistant":
+                        provider = new assistant_provider_1.AssistantProvider(providerConfig);
+                        break;
                     case "gemini":
                         // TODO: Implement GeminiProvider
                         console.warn(`⚠️ Provider type ${providerConfig.type} not yet implemented`);
@@ -306,9 +310,11 @@ class McpClient {
                     }
                     return; // Skip LLM processing
                 }
-                // Generate and post personalized confirmation message
+                // Generate and post personalized confirmation message (skip if empty)
                 const confirmationMessage = await provider.generateConfirmationMessage(message);
-                await this.messageProcessor.postMessage(message.discussionId, confirmationMessage, message.workspaceId, message.mentionedOrDirectMessagedBotId);
+                if (confirmationMessage) {
+                    await this.messageProcessor.postMessage(message.discussionId, confirmationMessage, message.workspaceId, message.mentionedOrDirectMessagedBotId);
+                }
                 const response = await this.processMessage(message, provider);
                 await this.handleResponse(message, response);
                 // LOG COMPLETION EVENT - Bot finished processing

package/dist/client/providers/assistant-provider.d.ts

@@ -0,0 +1,17 @@
+/**
+ * Assistant Provider
+ *
+ * Pure pass-through chatbot. No tools, no local system prompt.
+ * System prompt is loaded on AI PC side via llama-server.
+ */
+import { ChatMessage, McpResponse } from "../types";
+import { LlmProvider } from "./llm-provider";
+import { LlmProviderConfig } from "../types";
+export declare class AssistantProvider extends LlmProvider {
+    private assistant;
+    constructor(config: LlmProviderConfig);
+    generateConfirmationMessage(_userMessage: ChatMessage): Promise<string>;
+    processMessage(userMessage: ChatMessage, _mcpServerUrl: string, _botMcpApiKey: string, _botEmail: string): Promise<McpResponse>;
+    protected callMcpTool(): Promise<any>;
+}
+//# sourceMappingURL=assistant-provider.d.ts.map

package/dist/client/providers/assistant-provider.js

@@ -0,0 +1,51 @@
+"use strict";
+/**
+ * Assistant Provider
+ *
+ * Pure pass-through chatbot. No tools, no local system prompt.
+ * System prompt is loaded on AI PC side via llama-server.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AssistantProvider = void 0;
+const llm_provider_1 = require("./llm-provider");
+const mcp_assistant_1 = require("../mcp-assistant");
+class AssistantProvider extends llm_provider_1.LlmProvider {
+    assistant;
+    constructor(config) {
+        super(config);
+        this.assistant = new mcp_assistant_1.McpAssistant({
+            apiKey: config.apiKey,
+            baseURL: config.baseURL,
+        });
+    }
+    async generateConfirmationMessage(_userMessage) {
+        // No confirmation message - direct response only
+        return '';
+    }
+    async processMessage(userMessage, _mcpServerUrl, _botMcpApiKey, _botEmail) {
+        if (!this.isEnabled()) {
+            return { success: false, error: "Assistant not enabled" };
+        }
+        try {
+            const startTime = Date.now();
+            const cleanedMessage = this.removeMentions(userMessage);
+            this.logger.debug('Chat request', { user: userMessage.userName });
+            const response = await this.assistant.chat(cleanedMessage);
+            this.logger.info('Chat done', { duration: Date.now() - startTime });
+            return {
+                success: true,
+                response,
+                toolCalls: [],
+            };
+        }
+        catch (error) {
+            this.logError(error, "processMessage");
+            return { success: false, error: error.message };
+        }
+    }
+    async callMcpTool() {
+        throw new Error("Assistant does not use tools");
+    }
+}
+exports.AssistantProvider = AssistantProvider;
+//# sourceMappingURL=assistant-provider.js.map

package/dist/client/providers/openai-provider.js

@@ -20,6 +20,7 @@ class OpenAIProvider extends llm_provider_1.LlmProvider {
         super(config);
         this.client = new openai_1.default({
             apiKey: config.apiKey,
+            baseURL: config.baseURL,
         });
         this.contextManager = (0, context_manager_1.getContextManager)({
             openaiApiKey: config.apiKey,
@@ -72,11 +73,19 @@ class OpenAIProvider extends llm_provider_1.LlmProvider {
             const startTime = Date.now();
             // Load tool index with automatic filtering
             // Chat bot only gets READ + WRITE tools (no PLAYGROUND tools)
+            // In 'minimal' mode, only load essential chat tools (~3 tools vs 40+)
             const allowedGroups = [tool_registry_1.ToolGroup.READ, tool_registry_1.ToolGroup.WRITE];
+            const minimalChatTools = [
+                'add_discussion_message',
+                'fetch_discussion_messages',
+                'search_workspace_users'
+            ];
+            const isMinimalMode = process.env.CHAT_BOT_MODE === 'minimal';
             const toolIndex = await this.toolSchemaLoader.loadToolIndex({
                 mcpServerUrl,
                 mcpServerApiKey: botMcpApiKey,
-                allowedGroups
+                allowedGroups,
+                allowedTools: isMinimalMode ? minimalChatTools : undefined
             });
             if (!toolIndex || toolIndex.length === 0) {
                 this.logger.warn("No MCP tools available");

package/dist/client/tool-schema-loader.d.ts

@@ -25,6 +25,7 @@ export interface LoadToolsOptions {
     mcpServerUrl: string;
     mcpServerApiKey: string;
     allowedGroups: ToolGroup[];
+    allowedTools?: string[];
     excludeMessageFetchTools?: boolean;
 }
 export declare class ToolSchemaLoader {

package/dist/client/tool-schema-loader.js

@@ -22,9 +22,17 @@ class ToolSchemaLoader {
      * Returns lightweight tool list with optional exclusions
      */
     async loadToolIndex(options) {
-        const { mcpServerUrl, mcpServerApiKey, allowedGroups, excludeMessageFetchTools } = options;
+        const { mcpServerUrl, mcpServerApiKey, allowedGroups, allowedTools, excludeMessageFetchTools } = options;
         // Fetch tool index from MCP server with group filtering
         let toolIndex = await this.fetchMcpToolIndex(mcpServerUrl, mcpServerApiKey, allowedGroups);
+        // Filter by explicit whitelist if provided (overrides group filtering)
+        if (allowedTools && allowedTools.length > 0) {
+            toolIndex = toolIndex.filter(tool => allowedTools.includes(tool.name));
+            logger.info("Filtered tools by whitelist", {
+                allowedTools,
+                resultCount: toolIndex.length
+            });
+        }
         // Optionally exclude message fetch tools if explicitly requested
         if (excludeMessageFetchTools) {
             const excludedTools = ['fetch_discussion_messages', 'fetch_previous_discussion_messages'];

package/dist/client/types.d.ts

@@ -16,8 +16,9 @@ export interface McpClientConfig {
 }
 export interface LlmProviderConfig {
     name: string;
-    type: "openai" | "anthropic" | "gemini";
+    type: "openai" | "anthropic" | "gemini" | "assistant";
     apiKey: string;
+    baseURL?: string;
     model: string;
     enabled: boolean;
     maxTokens?: number;

package/dist/config.d.ts

@@ -35,6 +35,7 @@ export declare const environment: {
     MCP_CLIENT_AGENT_IDS: string[];
     TOKEN_USAGE_BOT_ENABLED: boolean;
     AGENT_ACTIVITY_BOT_ENABLED: boolean;
+    CHAT_BOT_MODE: "full" | "minimal" | "assistant";
     ADAPTIVE_DOCUMENTATION_BOT_ENABLED: boolean;
     ADAPTIVE_AUTO_UPDATE: boolean;
     ADAPTIVE_UPDATE_INTERVAL: number;
@@ -49,6 +50,8 @@ export declare const environment: {
     WORKSPACE_CONFIG_PATH?: string | undefined;
     DEV_APPS_PATH?: string | undefined;
     OPENAI_API_KEY?: string | undefined;
+    OPENAI_API_BASE?: string | undefined;
+    OPENAI_MODEL?: string | undefined;
     ANTHROPIC_API_KEY?: string | undefined;
 };
 export interface HailerAccount {
@@ -60,8 +63,9 @@ export interface HailerAccount {
 }
 export interface LlmProvider {
     name: string;
-    type: 'openai' | 'anthropic';
+    type: 'openai' | 'anthropic' | 'assistant';
     apiKey: string;
+    baseURL?: string;
     model: string;
     enabled: boolean;
 }

package/dist/config.js

@@ -102,6 +102,8 @@ const environmentSchema = zod_1.z.object({
     DEV_APPS_PATH: zod_1.z.string().optional(),
     // LLM providers
     OPENAI_API_KEY: zod_1.z.string().min(1).optional(),
+    OPENAI_API_BASE: zod_1.z.string().url().optional(),
+    OPENAI_MODEL: zod_1.z.string().optional(),
     ANTHROPIC_API_KEY: zod_1.z.string().min(1).optional(),
     // MCP client settings
     MCP_SERVER_URL: zod_1.z.string().url().default('http://localhost:3030/api/mcp'),
@@ -110,6 +112,8 @@ const environmentSchema = zod_1.z.object({
     // Bot features
     TOKEN_USAGE_BOT_ENABLED: zod_1.z.string().transform(v => v !== 'false').default('true'),
     AGENT_ACTIVITY_BOT_ENABLED: zod_1.z.string().transform(v => v !== 'false').default('true'),
+    // Chat bot mode: 'full' = all tools, 'minimal' = chat tools only, 'assistant' = no tools (knowledge-based help)
+    CHAT_BOT_MODE: zod_1.z.enum(['full', 'minimal', 'assistant']).default('full'),
     ADAPTIVE_DOCUMENTATION_BOT_ENABLED: zod_1.z.string().transform(v => v === 'true').default('false'),
     ADAPTIVE_AUTO_UPDATE: zod_1.z.string().transform(v => v === 'true').default('false'),
     ADAPTIVE_UPDATE_INTERVAL: zod_1.z.string().transform(v => parseInt(v) || 60000).default('60000'),
@@ -164,12 +168,14 @@ class ApplicationConfig {
     }
     get llmProviders() {
         const providers = [];
-        if (exports.environment.OPENAI_API_KEY) {
+        if (exports.environment.OPENAI_API_KEY || exports.environment.OPENAI_API_BASE) {
+            const isAssistantMode = exports.environment.CHAT_BOT_MODE === 'assistant';
             providers.push({
-                name: 'openai-gpt4o',
-                type: 'openai',
-                apiKey: exports.environment.OPENAI_API_KEY,
-                model: 'gpt-4o',
+                name: isAssistantMode ? 'mcp-assistant' : (exports.environment.OPENAI_API_BASE ? 'local-llm' : 'openai-gpt4o'),
+                type: isAssistantMode ? 'assistant' : 'openai',
+                apiKey: exports.environment.OPENAI_API_KEY || 'not-needed',
+                baseURL: exports.environment.OPENAI_API_BASE,
+                model: exports.environment.OPENAI_MODEL || 'gpt-4o',
                 enabled: true,
             });
         }

package/mcp-system-prompt.txt

@@ -0,0 +1,127 @@
+You are the MCP Assistant for Hailer MCP Server. Help users understand what MCP agents can do and guide them to the right agent for their task.
+
+# What is Hailer MCP?
+
+Hailer MCP is a Model Context Protocol server that connects Claude Code to Hailer workspaces. It provides 34+ tools for managing workflows, activities, insights, apps, and discussions.
+
+Hailer is a SaaS platform for business process management with:
+- Workspaces (organizations)
+- Workflows (kanban-style process boards with phases)
+- Activities (data records within workflows)
+- Discussions (chat threads attached to activities)
+- Insights (SQL-like reports over workflow data)
+- Apps (custom React applications)
+
+# Available Agents
+
+## Fast Agents (haiku model)
+
+### kenji - Data Reader
+- Reads schema, fields, phases from local workspace/ files
+- Falls back to API for activity data and counts
+- Use for: "What fields does X have?", "List workflows", "Show phases"
+
+### dmitri - Data Writer
+- Creates and updates activities (single or bulk)
+- Use for: "Create customer", "Update 50 records", "Move to phase"
+- Needs: workflow_id, phase_id, field values from kenji first
+
+### yevgeni - Discussion Handler
+- Reads/posts messages, manages discussion membership
+- Use for: "Post message", "Read chat history", "Invite user to discussion"
+
+### bjorn - Config Auditor
+- Audits CLAUDE.md, agents, hooks, settings.json
+- Use for: "Check if config is correct", "Find orphaned files"
+
+## Reasoning Agents (sonnet model)
+
+### helga - Workspace Config
+- Manages workflows, fields, phases via TypeScript SDK files
+- Use for: "Add field to workflow", "Create new workflow", "Rename phase"
+- Returns commands for orchestrator to run (npm run push)
+
+### viktor - SQL Insights
+- Creates SQL-like reports over workflow data
+- Use for: "Report of high priority tasks", "Sales by month", "Join customers with orders"
+- Always previews before creating
+
+### giuseppe - App Builder
+- Builds Hailer apps with React/TypeScript/Chakra
+- Use for: "Build dashboard showing customers", "Create kanban app"
+- Needs: workflow_id, phase_id, field_ids from kenji first
+
+### alejandro - Function Fields
+- Creates calculated/formula fields in workflows
+- Use for: "Add Total Cost = qty * price", "Concatenate first + last name"
+- Always tests formulas before enabling
+
+### gunther - MCP Tool Builder
+- Creates new MCP tools for the server itself
+- Use for: "Add tool to count activities", "Create new API endpoint"
+
+### svetlana - Code Reviewer
+- Reviews code for bugs, security, best practices (READ-ONLY)
+- Use for: "Review my changes", "Check for security issues"
+
+### ada - Skill Creator
+- Creates skills when agents fail repeatedly
+- Use for: "Viktor keeps getting JOINs wrong", "Document this pattern"
+
+### ingrid - Document Templates
+- Creates PDF/CSV document templates
+- Use for: "Create invoice template", "Add report template"
+
+### agent-builder - Agent Creator
+- Creates new lean agents (<50 lines)
+- Use for: "I need an agent for X"
+
+# How Agents Work
+
+1. User asks the orchestrator (main Claude)
+2. Orchestrator delegates to appropriate agent
+3. Agent returns JSON with result
+4. Orchestrator interprets and reports back
+
+Agents output JSON only:
+{ "status": "success|error", "result": {...}, "summary": "..." }
+
+# Common Workflows
+
+## Read data
+kenji → list workflows, get schema, get fields
+
+## Create/update data
+kenji (get IDs) → dmitri (create/update)
+
+## Build report
+kenji (get schema) → viktor (create insight)
+
+## Build app
+kenji (get IDs) → giuseppe (scaffold + build)
+
+## Configure workspace
+helga (edit files) → orchestrator runs push commands
+
+# Current Version: 0.0.5
+
+Recent changes:
+- Hailer app builder improvements
+- Marketplace template publishing
+- Safety hooks for destructive operations
+- 34+ MCP tools available
+
+# Limitations
+
+- Agents run via Claude Code CLI, not standalone
+- Workspace-scoped (cannot access external systems)
+- Orchestrator must provide IDs to write agents
+- Some operations require npm run commands
+
+# Guidelines
+
+- Be concise (1-3 sentences per response)
+- Match user's language
+- If unsure which agent, ask clarifying question
+- You guide users, you cannot execute actions yourself
+- Recommend kenji first for any data lookup

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hailer/mcp",
-  "version": "0.1.2",
+  "version": "0.1.4",
   "config": {
     "docker": {
       "registry": "registry.gitlab.com/hailer-repos/hailer-mcp"

package/.claude/hooks/sdk-delete-guard.cjs

@@ -1,119 +0,0 @@
-#!/usr/bin/env node
-/**
- * SDK Delete Guard Hook
- *
- * PreToolUse hook that catches SDK commands which may delete resources
- * and blocks them, instructing Claude to use `yes |` prefix if user confirms.
- *
- * Triggered by: npm run push, npm run *-sync, npm run *-push commands
- */
-
-// Commands that can cause deletions
-const DELETE_RISK_PATTERNS = [
-  /npm run push\b/,           // Full push - can delete workflows, fields, phases
-  /npm run workflows-sync\b/, // Sync workflows - can delete workflows
-  /npm run workflows-push\b/, // Push workflows - can delete workflows
-  /npm run phases-push\b/,    // Push phases - can delete phases
-  /npm run fields-push\b/,    // Push fields - can delete fields
-  /npm run groups-push\b/,    // Push groups - can delete groups
-  /npm run teams-push\b/,     // Push teams - can delete teams
-  /npm run insights-push\b/,  // Push insights - can delete insights
-  /npm run templates-sync\b/, // Sync templates - can delete templates
-  /npm run templates-push\b/, // Push templates - can modify/delete templates
-  /hailer-sdk ws-config push\b/,
-  /hailer-sdk ws-config.*sync\b/,
-];
-
-// Commands that are already safe (have yes | prefix)
-const SAFE_PATTERNS = [
-  /^yes\s*\|/,
-  /^echo\s+[yYnN]\s*\|/,
-];
-
-// Read stdin
-async function readStdin() {
-  return new Promise((resolve) => {
-    let data = '';
-    process.stdin.setEncoding('utf8');
-    process.stdin.on('data', chunk => data += chunk);
-    process.stdin.on('end', () => resolve(data));
-    setTimeout(() => resolve(data), 100);
-  });
-}
-
-async function main() {
-  try {
-    const input = await readStdin();
-
-    if (!input.trim()) {
-      process.exit(0);
-    }
-
-    const hookData = JSON.parse(input);
-    const command = hookData.tool_input?.command || '';
-
-    // If command already has yes/echo prefix, allow it
-    const isSafe = SAFE_PATTERNS.some(pattern => pattern.test(command));
-    if (isSafe) {
-      process.exit(0);
-    }
-
-    // Check if this is a delete-risk command
-    const isDeleteRisk = DELETE_RISK_PATTERNS.some(pattern => pattern.test(command));
-
-    if (!isDeleteRisk) {
-      process.exit(0);
-    }
-
-    // Output instructions to stderr (appears as system reminder)
-    // This ensures Claude sees and follows the instructions
-    const instructions = `============================================================
-⚠️ MANDATORY ACTION REQUIRED - DO NOT SKIP
-============================================================
-
-STOP! You MUST use the AskUserQuestion tool BEFORE running this command.
-This is a DESTRUCTIVE operation that may DELETE resources from Hailer.
-
-USE THIS EXACT AskUserQuestion CALL:
-
-\`\`\`json
-{
-  "questions": [{
-    "question": "This command may delete resources from Hailer. Items removed from local config will be PERMANENTLY deleted. Proceed with: ${command}?",
-    "header": "Confirm Delete",
-    "options": [
-      { "label": "Yes, delete", "description": "Proceed with the destructive operation" },
-      { "label": "No, cancel", "description": "Abort - don't delete anything" }
-    ],
-    "multiSelect": false
-  }]
-}
-\`\`\`
-
-After user responds:
-- If "Yes, delete": Run: yes | ${command}
-- If "No, cancel": Acknowledge cancellation, do NOT run the command
-
-============================================================
-REMEMBER: ASK FIRST using AskUserQuestion, then act based on response.
-============================================================`;
-
-    // Output to stderr so it appears as system reminder
-    console.error(instructions);
-
-    // Block the command - Claude must ask first
-    const response = {
-      permissionDecision: "deny",
-      permissionDecisionReason: "Command blocked. Follow the instructions above to ask user for confirmation first."
-    };
-
-    console.log(JSON.stringify(response));
-    process.exit(0);
-
-  } catch (error) {
-    console.error(`[sdk-delete-guard] Error: ${error.message}`);
-    process.exit(0);
-  }
-}
-
-main();